Computer scientists have released a tool that disguises communications sent through the Tor anonymity service as Skype video calls, a cloak that's intended to prevent repressive governments from blocking the anonymous traffic.

SkypeMorph, as the application is called, is designed to remedy a fundamental limitation of Tor: While the communications are cryptographically secured, unique characteristics of their individual data packets make them easy to identify as they travel over the networks. In the past, for example, the cryptographic key exchange was different in Tor transactions and the certificates used were typically valid for only a matter of hours, compared with as long as a year or two for certificates used by most Web servers. These fingerprints made it possible for government censors in Iran, China, and elsewhere to block data traveling over Tor while leaving the rest of the country's communications intact.

Tor developers have remedied those shortcomings, but other unique signatures still exist. The idea behind SkypeMorph is to camouflage Tor communications so they blend in as traffic that government censors are reluctant to restrict.

"The goal is to make the traffic look like some other protocol that they are not willing to block," Ian Goldberg, a professor at the Cheriton School of Computer Science at the University of Waterloo, told Ars. "They could just shut off the Internet, of course, like Egypt did for a few days a year or so ago, but that, of course, would be extremely unpopular to their own people that are wondering why they can't see pictures of cute cats."

A censorship arms race

The release of SkypeMorph comes a few months after a separate research team in Sweden uncovered changes the Chinese government made to its "Great Firewall" censorship infrastructure to make it harder for citizens to use Tor. Although their research paper (PDF) was only recently published, the findings have been public for a few months, said Goldberg, who sits on the Tor Project's board of directors. As censors in China and elsewhere devise increasingly sophisticated measures for detecting and blocking the anonymity service, it falls on Tor volunteers to find new ways to thwart them.

"The whole point of SkypeMorph is exactly because the Great Firewall is so complex," said Goldberg, who refers to the jockeying between privacy advocates and governments as a censorship arms race. "You have to very convincingly pretend your traffic is something else, like Skype."

SkypeMorph relies on the Microsoft-owned VoIP service to establish a cryptographically secured connection between an end user and unlisted entry points, known as bridges, to the Tor network. By sending a few short Skype messages to one of the bridges, a Tor user performs a Diffie-Hellman key exchange to make sure the connection can be trusted. Once the handoff is completed, SkypeMorph initiates a Skype video call to the bridge and quickly drops it. The bridge and the end user then use the key to securely communicate using normal Tor protocols.

To prevent the Tor traffic from being recognized by anyone analyzing the network flow, SkypeMorph uses what's known as traffic shaping to convert Tor packets into User Datagram Protocol packets, as used by Skype. The traffic shaping also mimics the sizes and timings of packets produced by normal Skype video conversations. As a result, outsiders observing the traffic between the end user and the bridge see data that looks identical to a Skype video conversation.

The SkypeMorph developers chose Skype because the software is widely used throughout the world, making it hard for governments to block it without arousing widespread criticism. The developers picked the VoIP client's video functions because its flow of packets more closely resembles Tor traffic. Voice communications, by contrast, show long pauses in transmissions, as one party speaks and the other listens.

"It's not enough just to send encrypted packets to a particular port," Goldberg explained. "You want to send them in patterns and sequences and sizes and distributions that look as realistic as possible. What our system does is go a step beyond traffic morphing and not only matches the packet size distributions but also matches the timing distributions."
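The size-and-timing matching described above can be sketched as follows. This is an added illustration, not SkypeMorph's code: the target distributions are constructed toy values rather than measured Skype traffic, and the 512-byte cell size, the 2-byte length header and all function names are assumptions. It re-packetises a byte stream so that datagram sizes and gaps follow the targets, then scores raw and shaped traffic against the size target with a Kolmogorov-Smirnov statistic.

```python
import bisect
import random

# Constructed toy targets, NOT measured Skype data: (value, cumulative probability).
TARGET_SIZES = [(120, 0.10), (400, 0.30), (800, 0.60), (1100, 0.90), (1300, 1.00)]
TARGET_GAPS_MS = [(5, 0.25), (10, 0.60), (20, 0.90), (40, 1.00)]
CELL = 512   # assumed size of one unshaped fixed-length cell
HDR = 2      # assumed length header so the receiver can strip padding


def sample(cdf, rng):
    """Inverse-transform sampling from a discrete CDF."""
    u = rng.random()
    return cdf[bisect.bisect_left([p for _, p in cdf], u)][0]


def shape(stream, rng):
    """Re-packetise stream into (send_time_ms, datagram) pairs whose sizes and
    gaps are drawn from the targets. Short chunks are zero-padded here; a real
    transport would encrypt payload and padding so they are indistinguishable."""
    out, pos, clock = [], 0, 0
    while pos < len(stream):
        size = sample(TARGET_SIZES, rng)
        chunk = stream[pos:pos + size - HDR]
        pos += len(chunk)
        clock += sample(TARGET_GAPS_MS, rng)
        pad = bytes(size - HDR - len(chunk))
        out.append((clock, len(chunk).to_bytes(HDR, "big") + chunk + pad))
    return out


def unshape(packets):
    """Receiver side: drop header and padding, recover the original bytes."""
    return b"".join(d[HDR:HDR + int.from_bytes(d[:HDR], "big")] for _, d in packets)


def ks_distance(samples, cdf):
    """Kolmogorov-Smirnov statistic: largest gap between the empirical CDF of
    the samples and the target CDF, checked at every step point of either."""
    def target(x):
        return max((p for v, p in cdf if v <= x), default=0.0)
    n = len(samples)
    points = set(samples) | {v for v, _ in cdf}
    return max(abs(sum(s <= x for s in samples) / n - target(x)) for x in points)


def compare(n_cells=1000, seed=7):
    """Score raw fixed-size cells and shaped output against the targets."""
    rng = random.Random(seed)
    stream = bytes(rng.randrange(256) for _ in range(n_cells * CELL))
    shaped = shape(stream, rng)
    assert unshape(shaped) == stream
    times = [t for t, _ in shaped]
    gaps = [b - a for a, b in zip([0] + times, times)]
    return {
        "raw_size_ks": ks_distance([CELL] * n_cells, TARGET_SIZES),
        "shaped_size_ks": ks_distance([len(d) for _, d in shaped], TARGET_SIZES),
        "shaped_gap_ks": ks_distance(gaps, TARGET_GAPS_MS),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value:.3f}")
```

A stream of identical fixed-size cells sits far from the target size distribution, which is the kind of fingerprint the article describes; the shaped output stays close to it on both size and timing.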

To prevent the Skype network from being overburdened, SkypeMorph sends data directly over the Internet once the VoIP client has been used to establish a secured connection.

Modular obfuscation plugins

The application makes use of programming interfaces built into Tor that allow the program to work with obfuscation extensions called pluggable transports. Such add-ons appear as SOCKS proxies to the Tor client and allow data delivered to bridges to be sent in obfuscated ways. Developers can design pluggable transports for Tor in much the way people write add-ons for the Firefox or Chrome browsers.

So far, the only pluggable transport available for Tor is known as obfsproxy. It passes traffic between end users and bridges through a stream cipher. SkypeMorph is designed to extend the benefit of this plugin "to address its limitation of not outputting innocuous-looking traffic," Goldberg's research paper (PDF) describing the software said.

The SkypeMorph paper was co-authored by Hooman Mohajeri Moghaddam, Baiyu Li, and Mohammad Derakhshani, all of whom were students enrolled in a class taught by Goldberg titled Hot Topics in Privacy Enhancing Technologies.

Because many people use Skype to talk to their relatives, friends, and family abroad. China sends a lot of students to the US and Skype is important for them to stay in touch. Blocking it would be a major annoyance.

Bingo. Put another way, the political cost to block Skype is much higher than blocking Tor.

Very cool, glad to see researchers and the Tor team working to keep up in this game. I'm hopeful that eventually we'll see modern broadband connections become common in North America and have Tor as a major beneficiary.

Skype is already "blocked" in China. You have to download a special version from tom.com which is modified to be able to send the government your text messages. There is probably no effect on the video portion as of yet. Anyway, it's a little late for Tor, which has been mostly unusable for the last couple years. Everyone uses Freegate now.

Too bad users in the US need the service as much as (if not more than) Chinese denizens. :|

Go USA. :|

Yeah! The grass is always greener somewhere else.

Why the eyeroll? Look at the USA 20 years ago and look at it now. 20 years ago, if I'd have told you that you would require an Xray to get on the plane, that you could be denied from flying anywhere with no judicial oversight (TSA), that you can be strip searched after being arrested for a late parking ticket (yesterday's SCOTUS decision), that saying your opinion about a product could get you sued for libel (Oprah), that copyright extends almost and sometimes greater than a century (thank the MafiAA), that corporations can give money to political candidates with no real limitations (citizens united), that your local police department is getting all kinds of "terrorist hunting" gear (patriot act, DHS), that local cops could fly drones overhead to spy on your every move (recent FAA rule change), that your cellphone can be searched without a warrant (Cali appeals court decision), that telecom carriers were spying on customers without judicial oversight (FISA)... etc, etc etc,..

You'd have laughed in my fucking face.

We're not quite as oppressive as China (yet), but you'd have to be blind not to see the pattern.

Do US users have to download a special version of Skype that allows the gov't to receive all your text messages?

Yes, the US has a fierce and lively debate about security vs privacy, but no one will take you seriously in that debate when you make such ridiculous statements.

It's like saying you know what it's like to be in a hurricane because you got rained on once. Yes, they're both wet, but they are not the same.

TK wrote:

Ostracus wrote:

Nagumo wrote:

Too bad users in the US need the service as much as (if not more than) Chinese denizens. :|

Go USA. :|

Yeah! The grass is always greener somewhere else.

Why the eyeroll? Look at the USA 20 years ago and look at it now. 20 years ago, if I'd have told you that you would require an Xray to get on the plane, that you could be denied from flying anywhere with no judicial oversight (TSA), that you can be strip searched after being arrested for a late parking ticket (yesterday's SCOTUS decision), that saying your opinion about a product could get you sued for libel (Oprah), that copyright extends almost and sometimes greater than a century (thank the MafiAA), that corporations can give money to political candidates with no real limitations (citizens united), that your local police department is getting all kinds of "terrorist hunting" gear (patriot act, DHS), that local cops could fly drones overhead to spy on your every move (recent FAA rule change), that your cellphone can be searched without a warrant (Cali appeals court decision), that telecom carriers were spying on customers without judicial oversight (FISA)... etc, etc etc,..

You'd have laughed in my fucking face.

We're not quite as oppressive as China (yet), but you'd have to be blind not to see the pattern.

Before 9/11, saying that you could be denied the right to travel without judicial oversight would have been "hyperbole" too.

Quote:

Do US users have to download a special version of Skype that allows the gov't to receive all your text messages?

For all you know, Skype has already been cracked or backdoored at the service level. And even that's not necessary - all a government snoop has to do is hit the company with a national security letter, stating that you might be a terrorist, and your entire conversation history will be turned over with you being none the wiser. So much for due process, eh? (And conversations *are* stored server side, this can easily be tested by having a bunch of conversations on one PC, and then signing into another PC with a system with a fresh Skype install)

But we're so much better, because we actually put a facade of oversight on the process. What a relief!

Quote:

It's like saying you know what it's like to be in a hurricane because you got rained on once

No, it's more like saying "Hm, it's pouring cats and dogs in China but only a drizzle here - but not that long ago, the skies were only cloudy..".

The lengths people go to, to assure themselves that "that CAN'T happen here! This is a democracy! A free country! We don't do that kind of thing!" always astound me, even when the evidence is right in front of their faces.

But what do I know? Everything's fine, it could never happen here....

Ah yes, the eternal argument of the idiot. Talk about how the past used to be better... even though it wasn't.

This is the exact same false argument made by far right social conservatives. Good job! You're just as bad as them.

Because many people use Skype to talk to their relatives, friends, and family abroad. China sends a lot of students to the US and Skype is important for them to stay in touch. Blocking it would be a major annoyance.

And living in a repressive government isn't?

Not generally, no. That's the trick to being a "repressive government", you see, to keep the annoyance of your stringent controls low.

Skype is already "blocked" in China. You have to download a special version from tom.com which is modified to be able to send the government your text messages. There is probably no effect on the video portion as of yet. Anyway, it's a little late for Tor, which has been mostly unusable for the last couple years. Everyone uses Freegate now.

The Tor network is designed around the assumption that the government can see all of the data you send/receive. It has clever encryption to make such monitoring useless.

Monitoring tor (over skype video or some other means) doesn't achieve anything. What they want to do is block it, and blocking tor embedded in a video connection while still allowing "real" skype videos is a whole lot more difficult (read: expensive) than blocking just plain old tor.

Do US users have to download a special version of Skype that allows the gov't to receive all your text messages?

I suppose it's good news in contrast to: Skype and Microsoft have managed to leapfrog common sense and build a backdoor into your favourite VOIP application. It is called Lawful Interception and is part of a new patent which Microsoft filed back in 2009, but is now preparing to unleash itself into our world due to its recent approval. http://memeburn.com/2011/07/microsoft-a ... sdropping/

I actually discovered this on accident myself when I was in China and was using Skype to communicate with some friends. I bought my laptop in Beijing, so I downloaded Skype, and didn't even notice I didn't get the real version. I only discovered the difference when I found every message that contained the word 'fuck' (in English) was failing to get delivered. At first I thought Skype was filtering my messages.

Vast numbers of other sites were blocked as well, such as almost any blogging platform (you don't realize how often you read blogs until you don't have access to them... enormous amounts of technical information become unreachable), Tor started getting blocked, initially poorly but eventually in a way that became extremely sophisticated (I could spend hours trying to get a bridge established and never succeed).

On and around June 4th, sending a text message with the wrong phrases could get your phone's service shut off (even something as innocuous as the number '64' or '6/4'). Posting a message on China's versions of Twitter or Facebook or any number of other sites that had the wrong phrase or word would get you a message saying that political content could not be published. Leading up to June 4th tons of Chinese web sites were simultaneously taken down for 'maintenance': http://advocacy.globalvoicesonline.org/ ... nance-day/

I had a friend in his early 20s who spent the first few years of his life fleeing from authorities because he was the 2nd born child in his family and the government was going to kill him (that has since been turned into a fine).

While I was there I was a student and was invited to see my professor appear on a television show. Inviting professors to speak on Chinese television is extremely common. Before the show started, one of the producers asked who wanted to ask questions, and then proceeded to hand out cards to each student telling them to memorize their question.

I have so many more anecdotes... I really can't even begin to describe the unbelievable degree of direct influence and control the government in China has on people's lives every single day. I found it suffocating, and at least I always knew I could leave.

Basically, my point, don't use sensationalist arguments comparing the United States and China on human rights to try to advance an argument that the US is bad. Yes, there may be specific issues in the US that have moved individual liberties backwards in the US. But there is still an unbelievably enormous difference between the US and China. If you don't like something the US is doing, attack it directly. Don't use hyperbole involving China to make your point. It only makes things worse for people in China (your words are picked up and used as 'proof' in authoritarian regimes, including China, that they really aren't that bad).

Ah yes, the eternal argument of the idiot. Talk about how the past used to be better... even though it wasn't.

This is the exact same false argument made by far right social conservatives. Good job! You're just as bad as them.

Let's analyze your statement:

- You called him an idiot
- You were cynical
- You stated that the past wasn't better without providing any evidence for your claim
- You implied that he claimed that the past was better even though he was only giving an example of government and corporate behavior that people would have found unacceptable 20 years ago

All that was just your first sentence!

In the second sentence, you are comparing him with far right social conservatives implying guilt by association which is an ad hominem attack.

So, you didn't provide any substance in your argument against his viewpoint other than trying to discredit him by throwing insults and personal attacks.

@Derek Kent:

It is true that the situation in China and the US cannot be compared but if you observe trends, you will notice that the situation with regards to civil rights in China is slowly improving (whether it is due to outside or inside pressure is irrelevant), but the situation in the US is deteriorating fast and tremendous public pressure is required to stop that.

Unfortunately, (voting) majority of people are idiots -- an idiot in Athenian (Greek) democracy was someone who was characterized by self-centeredness and concerned almost exclusively with private—as opposed to public—affairs. That is a type of person who would say "I have nothing to hide so I am going to mind my own business" and continue to do so until they, due to their ignorance, overstep the social, criminal, political, etc, boundaries that have been tightening around them while they were minding their own business.

It is thus crucial to overstate the importance of every government decision and explain it in layman terms so they feel threatened and get involved, because if they don't everyone will suffer.

I bought my laptop in Beijing, so I downloaded Skype, and didn't even notice I didn't get the real version. I only discovered the difference when I found every message that contained the word 'fuck' (in English) was failing to get delivered. At first I thought Skype was filtering my messages.

Yep. This is pretty damn ridiculous, but you can just download the US version if you like, and it works fine. The main issue with the tom.com version is that it adds advertising. Tom.com pay Skype for the right to distribute Skype in China, then add in the filtering and the advertising. Not exactly a "value added service".

Quote:

Other cases are much more obvious. While I was there, I lost access to Facebook and Twitter after riots in Ürümqi:

The Facebook thing is my biggest gripe. Everyone knows how to get around it, so it's pointless, but it's a major annoyance.

It's not the only problem that emerged during 2009. During the time of the riots, things got very ridiculous. You couldn't call Xinjiang from outside of China. I have friends in Xinjiang, so to communicate with them, I had to call friends in other parts of China, then get them to forward on the message.

Quote:

The government has gone so far as to ban things like fantasy and time-travel in television shows

This was just during prime-time. The shows can be shown at any time other than 7-9pm.

In China, there has recently been a TV time-travel fad, and a common theme of these shows was for people to die in an accident, then wake up in the past. There were then several cases of rabid fans of the shows (generally kids) attempting suicide to travel back to the past (I'm not kidding). Also, a group of scammers were selling expensive "time travel holidays", with the predictable outcry in the tabloid media by the victims (again, usually kids). Time-travel shows were banned from being shown during prime-time kids viewing hours as a result of the outcry.